Medicare Needs To Elevate IT Approach, Says NRC

New challenges, from health insurance exchanges to shared savings programs, demand that the agency integrate IT into all of its systems and strategies, says National Research Council.

(click image for larger view)

Slideshow: 6 Top-Notch E-Prescribing Options

As the Centers for Medicare and Medicaid Services (CMS) confronts a large number of new IT challenges, such as supporting state insurance exchanges and testing new reimbursement and care delivery models, it must transform its approach to IT systems. So says a new report from the National Research Council, commissioned by CMS.

The NRC study recommends that the agency shift from viewing the IT function as an operational necessity to seeing it as a "critical strategic element." The report also advises CMS to draw up a long-term strategic plan that treats its IT capabilities as an integral component of its strategy.

"IT is at the heart of virtually every CMS business interaction, process, and decision," says the report. Therefore, the study suggests, it's not sufficient to simply upgrade and modernize the agency's systems, which are of varying age and staggering complexity. The systems must be aligned with the agency's overall goals.

The overall transformation of CMS systems, the report says, should be based on the reality that the agency is changing its primary function: Instead of simply being a huge claims processor, it is now combining Medicare and Medicaid reimbursement with a focus on "improvements in quality, safety, and equity of healthcare and outcomes for individuals and populations."

Even if the healthcare reform law didn't exist, CMS would still have to modernize its systems, noted Edward H. Shortliffe, chair of the NRC committee that produced the report, in an interview with InformationWeek Healthcare. "The issue of modernization is one they knew they had to face and was the major impetus for them to come to the NRC for advice," said Shortliffe, who is also president and CEO of the American Medical Informatics Association (AMIA).

The office of information services at CMS has been doing its own strategic planning, Shortliffe said, but only in the context of IT. NRC is recommending that the IT plan be part of CMS' overall strategic plan and that the IT leadership become part of the top management structure of CMS--which, up to now, it has not been.

The report also suggests that CMS focus more on its internal IT workforce capabilities, but Shortliffe said that the NRC did not mean it should bring more IT work in-house.

"CMS, like other federal agencies, will always have a significant dependence on outsourcing of certain functions," he said. "We were not questioning that pattern. We were concerned, however, that the expertise required for big picture oversight and coordination across all the activities and the contractors might not have been optimal at CMS.

"So we're not recommending that CMS move things in-house, but that they have the kind of expertise that's necessary to keep a coherent strategic plan in place. And when RFPs go out to contractors and contracts are negotiated, CMS should be in a position to make sure the solutions being proposed fit into a larger strategic model."

The NRC report did not estimate the cost of overhauling CMS' systems. But Shortliffe noted that CMS' funding comes from Congress and that "infrastructure investment is very hard to get the resources for. That's one of the challenges for modernization."

NRC took two approaches to this problem. First, Shortliffe said, "We pointed out that much of what needs to happen in order to modernize the systems is not fundamentally fiscal, but organizational and cultural."

Second, he said, the goal must be achieved incrementally, because CMS won't get the funding to redo its entire infrastructure. "But we feel there could be a logical approach even within current budget levels if the right organizational structure and cultural adaptation incur."

CMS is facing many near-term IT challenges, including state insurance exchanges, the new ICD-10 codeset, shared savings, bundled payment, and value-based purchasing programs. Up to now, Shortliffe noted, CMS has "done a remarkable job of meeting deadlines," including that of the Medicare Part D transition several years ago. "But that puts [CMS' IT staff] in chronic crisis mode: 'What's the next deadline we have to meet?'

"So we need to distinguish between the things that CMS will need to do to meet the short-term imperatives, and those that are part of this reasoned strategic effort to modernize and get better systems integration."

Reading the article, it goes from the lofty to the nitty-gritty, which I believe that not only Medicare, but many organizations face regarding their IT. The report begins with IT's necessity to become an integral part of overall strategy at CMS. Then it goes on to say it needs to upgrade and modernize its IT. Then it gets down to, well you can do this and this incrementally because you just can't modernize it all at once because it's too costly.

Which is too true, everywhere. IT does need to be a part of overall strategy and reflect that within the platforms and tools chosen. All in all, a very onerous task.

To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.

Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.